Brian Sims
Editor

HID Global | July 2025 | Skyscraper
HID Global | July 2025 | Skyscraper

LevelBlue research reveals surge in cyber threats targeting retailers

Posted to News on Saturday, November 29, 2025 Share:

LEVELBLUE, THE pure-play provider of managed security services, has issued its 2025 Spotlight Report: Aligning Cyber Resilience and Business Goals in Retail. The document explores how the retail industry is building a proactive stance in protecting itself from increasingly sophisticated attacks.

Amid pressure to integrate Artificial Intelligence (AI)-powered personalised shopping experiences, expand into third party marketplace platforms or pursue new revenue streams through re-commerce models, retailers are facing up to the challenge of establishing cyber resilience at a time when the threat landscape is intensifying.

As the threat landscape rapidly evolves, retailers are facing substantial attacks. The report reveals 44% of retailers say they are experiencing a significantly higher volume of attacks, while 34% note that their organisation has suffered a breach in the past 12 months.

Many retailers are aware of new threats they may face, but equally so many of them remain unprepared, and notably when it comes to AI-powered attacks, deepfakes and synthetic identity attacks. Specifically, only 25% of respondents are prepared for AI-powered threats, even though 45% expect them to happen, and only 33% suggest they’re prepared for deepfake attacks, even though 44% expect them to happen.

Beyond AI and deepfakes, supply chain security remains a major challenge. Nearly half (47%) of executives say they have very low-to-moderate visibility into their software supply chain, and only 22% say that engaging with suppliers about their security credentials is a top three priority in the next 12 months.   

As a result of these increasing threats, retailers are forced to take cyber security more seriously and make cyber resilience a priority. 67% of executives reporting high-profile breaches have pushed cyber security up the C-Suite agenda. Executives comment that increasing Boardroom engagement in cyber resilience discussions will be a top five priority for the next 12 months.

Innovation and security

“Cyber resilience is critical for innovation and security,” said Kory Daniels, chief security and trust officer at LevelBlue. “Retailers’ success requires the trust of consumers and suppliers. There’s still an opportunity for organisations to close critical gaps. While many organisations are taking proactive steps, challenges indicate the need for ongoing investments and a continued cyber-resilient culture to be effective in an evolving threat landscape.”

The LevelBlue report reveals additional indicators of retailers proactively focusing on improving cyber security measures:

*60% of executives say their cyber security team is integrated with lines of business

*51% say that leadership roles in their organisation are measured against cyber security performance indicators

*44% say they have effectively aligned business risk appetites with cyber security risk management.

*40% say they have an effective company-wide cyber security culture

Additionally, retailers observe that they are most likely to invest significantly in the following areas to prepare for evolving threats:

*application security (66%)

*cyber resilience processes across the business (65%)

*generative AI for social engineering attacks (63%)

*machine learning for pattern matching (63%)

Achieving cyber resilience

Based on these findings, LevelBlue recommends four specific steps for retailers to achieve cyber resilience: push cyber resilience up the organisation, embed cyber security responsibilities throughout the organisation, be proactive (not reactive) and prioritise resilience in the software supply chain. This means integrating cyber resilience considerations with business decisions at the highest level, fostering a cyber-resilient culture across the entire organisation, investing in cyber security measures to remain ahead of risks (such as advanced threat detection and response and exposure and vulnerability management technologies) and mandating transparency of suppliers’ cyber security credentials to help identify potential threats in the software supply chain.

*Download the complete findings of the 2025 LevelBlue Spotlight Report: Aligning Cyber Resilience and Business Goals in Retail to learn how retailers are adapting to the changing threat landscape. This report follows the April release of the 2025 LevelBlue Futures Report: Cyber Resilience and Business Impact, which can also be accessed online

**Further information concerning LevelBlue and the company’s managed security, consulting and threat intelligence services is available online at www.levelblue.com

Company Info

Western Business Media

Dorset House
64 High Street
East Grinstead, England, United Kingdom
RH19 3DE
UNITED KINGDOM

01342 33 3714

More from Western Business Media
Related Topics
AI
Artificial Intelligence
C-Suite
Cyber Resilience
Cyber Security
Deepfakes
LevelBlue
Retail Sector
Supply Chain Security
Related Articles
Latest Webinars
Redefining City Security with Artificial Intelligence
‘The Power of the Cloud’: Streamlining Security Management
The Power of the Cloud: How Cloud Technology Streamlined Security Management
Biometric access control: are fingerprint cards the future?
Biometric access control: are fingerprint cards the future?
Related Resources
Security Matters Podcast – Episode 36 now live to view
UK bolsters national security with Foreign Influence Registration Scheme.
Security Matters Podcast – Episode 35 now live to view
Latest News
LevelBlue research reveals surge in cyber threats targeting retailers
IFPO and Nu-Ology Training join forces on launch of CPSL qualification
Genetec predicts top physical security trends for 2026

Login / Sign up